Security

‘Garmin’ Services Are Down, Possibly Due to a Ransomware Attack

By Bill Toulas / July 24, 2020

Garmin users who went for a run yesterday were surprised to see that the “Connect” service on the mobile app was down. As the American navigation products maker explained through Twitter a few hours ago, they are indeed experiencing an outage that affects their app services, website, call centers, email server, chat systems, etc.

Due to the extensive outage, this looks like a typical case of a ransomware attack - although the company hasn’t admitted anything on that part yet. On the contrary, the India-based branch even told people that their servers are down for maintenance.

According to Bleeping Computer, Garmin employees have leaked information about the “WastedLocker” ransomware strain hitting the firm. Symantec researchers have warned about an imminent wave of attacks against multiple American companies a month ago, but maybe Garmin didn’t take note at the time.

If this is indeed what happened, Garmin should be facing demands for many millions of USD right now, so negotiations may be already underway.

garmin website

Garmin website

In the meantime, Garmin users on Twitter are unfolding their #FirstWorldProblems, complaining about the service being down and not being able to track their sleep cycles or their running sessions. To be fair, Garmin should have an offline mode that allows its smartwatches to communicate with smartphones without needing to pass through the company’s servers at all.

If that were an option, users would still be able to use their Garmin wearables, and maybe the company wouldn’t feel the overwhelming pressure to pay the ransomware actors and have the matter resolved as soon as possible.

But the interruption of services may not be the only problem that Garmin is facing right now - and if WastedLocker hits them, data exfiltration should be considered a fact. Several users report that their activities’ historical data had disappeared from their devices a couple of days ago before the services were taken offline.

Related: “WastedLocker” to Attack Large Corporations in the United States

This is very consistent with ransomware attack patterns, as actors first exfiltrate the data and then lock the target’s systems down. That said, the sensitive personal data of Garmin users may have been compromised.

If you own a Garmin device, don’t panic. First, be patient until the firm resolves the technical problems. Secondly, reset your passwords once you can reaccess the apps. Thirdly, treat any future incoming unsolicited communications with extra care, especially if they claim to come from Garmin, asking you to update your information as a security measure/response to this very incident.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: